NCSAM: Diversity, Consistency, and Security Intelligence

The security community at Cisco is very diverse. It extends beyond the typical researcher or analyst roles to include customer-facing engineers and marketing, public relations, and legal teams. The community is comprised of individuals with greatly varied backgrounds, skill sets, and charters and contains a wealth of knowledge on just about any topic. This diversity allows Cisco Security Intelligence Operations to understand and react appropriately to today’s threats as well as those that we may face in the future.

If we think about security intelligence—which I define as raw information enhanced through correlation, processing or perspective—having an established variety of inputs is key. Our people are certainly one of those inputs.

The trick, however, is utilizing that diversity in such a way that you can create consistent and predictable outputs that can be easily absorbed and acted on.

Grasping unfamiliar security issues can be difficult enough without having to decipher a document’s purpose or format. Instead, it is vital that you be able to readily find the information you require. Whether you’re looking for a CVSS Score or fixed-software information, you should be able to find it in exactly the same location as you did previously. Without such consistency, the delivery of our operational messages would be slowed, confused or lost entirely.

There will be times, however, where we must update the format of our outputs or even create entirely new outputs. As a customer-focused organization we’re constantly working to evolve our work to changes in customer expectations or the security landscape. The release of OVAL and CVRF documents for the recent Cisco IOS Software Security Advisory bundle is an example of us doing exactly that. When we do make changes we will communicate them to you so that you can understand and plan for them going forward.

October is National Cyber Security Awareness Month (NCSAM). If you regularly follow this blog you’ll know that our content is as diverse as the community I’ve described above. We have asked individuals from around Cisco to share their security views during October here on the blog. Some of these individuals might be familiar to you, but many of them will be unfamiliar. All of this month’s NCSAM posts can be found using the “cyber-security-month-2012” tag just as we did in 2011.

I encourage you to comment and share your opinions as you read the posts on this blog. Your perspective and feedback is important to us.

Some of the individuals posting to this site, including the moderators, work for Cisco Systems. Opinions expressed here and in any corresponding comments are the personal opinions of the original authors, not of Cisco. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Cisco or any other party. This site is available to the public. No information you consider confidential should be posted to this site. By posting you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to the Website and release Cisco from any liability related to your use of the Website. You also grant to Cisco a worldwide, perpetual, irrevocable, royalty-free and fully-paid, transferable (including rights to sublicense) right to exercise all copyright, publicity, and moral rights with respect to any original content you provide. The comments are moderated. Comments will appear as soon as they are approved by the moderator.